[NETFILTER]: Fix inverted matching in ipt_helper

Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@redhat.com>

[NETFILTER]: Fix inverted matching in ipt_helper
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@redhat.com>
bf1ca4c5 · Patrick McHardy · 68b229be · bf1ca4c5
Commit bf1ca4c5 authored Jun 21, 2004 by Patrick McHardy
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 6 deletions

net/ipv4/netfilter/ipt_helper.c net/ipv4/netfilter/ipt_helper.c +5 -6

No files found.
--- a/net/ipv4/netfilter/ipt_helper.c
+++ b/net/ipv4/netfilter/ipt_helper.c
@@ -41,17 +41,17 @@ match(const struct sk_buff *skb,
 	struct ip_conntrack_expect *exp;
 	struct ip_conntrack *ct;
 	enum ip_conntrack_info ctinfo;
-	int ret = 0;
+	int ret = info->invert;
 	
 	ct = ip_conntrack_get((struct sk_buff *)skb, &ctinfo);
 	if (!ct) {
 		DEBUGP("ipt_helper: Eek! invalid conntrack?\n");
-		return 0;
+		return ret;
 	}

 	if (!ct->master) {
 		DEBUGP("ipt_helper: conntrack %p has no master\n", ct);
-		return 0;
+		return ret;
 	}

 	exp = ct->master;
@@ -71,8 +71,8 @@ match(const struct sk_buff *skb,
 	DEBUGP("master's name = %s , info->name = %s\n", 
 		exp->expectant->helper->name, info->name);

-	ret = !strncmp(exp->expectant->helper->name, info->name, 
-	               strlen(exp->expectant->helper->name)) ^ info->invert;
+	ret ^= !strncmp(exp->expectant->helper->name, info->name, 
+	                strlen(exp->expectant->helper->name));
 out_unlock:
 	READ_UNLOCK(&ip_conntrack_lock);
 	return ret;
@@ -108,7 +108,6 @@ static struct ipt_match helper_match = {

 static int __init init(void)
 {
-	need_ip_conntrack();
 	return ipt_register_match(&helper_match);
 }